Daily summary - 14.12.2018

End-of-Day report

Timeframe: Thursday 13-12-2018 18:00 - Friday 14-12-2018 18:00 Handler: Dimitri Robl Co-Handler: Robert Waldner

News

The economics of vulnerability disclosure

A new ENISA report aims to provide a glimpse into the costs, incentives, and impact related to discovering and disclosing vulnerabilities in information security.

https://www.enisa.europa.eu/news/enisa-news/the-economics-of-vulnerability-disclosure


How to protect yourself as the threat of scam apps grows

As the threat of bogus apps continues, what can we do to protect ourselves against these fraudulent practices?

https://www.welivesecurity.com/2018/12/14/protect-yourself-threat-scam-apps-grows/

Vulnerabilities

BlackBerry powered by Android Security Bulletin - December 2018

BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones.

http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000054042


Logitech Keystroke Injection Flaw Went Unaddressed for Months

The flaw allows a remote attacker to gain full access over a machine.

https://threatpost.com/logitech-keystroke-injection-flaw/139928/


Security updates for Friday

Security updates have been issued by CentOS (ghostscript, git, java-1.7.0-openjdk, java-11-openjdk, kernel, NetworkManager, python-paramiko, ruby, sos-collector, thunderbird, and xorg-x11-server), Debian (gcc-4.9), and SUSE (amanda, ntfs-3g_ntfsprogs, and tiff).

https://lwn.net/Articles/774940/


WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009

Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE identifiers: CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464.

https://webkitgtk.org/security/WSA-2018-0009.html


QEMU: Multiple vulnerabilities

A local attacker can exploit multiple vulnerabilities in QEMU to disclose information or cause a denial of service.

http://www.cert-bund.de/advisoryshort/CB-K18-1175


Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers

https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01


Schneider Electric GUIcon Eurotherm

https://ics-cert.us-cert.gov/advisories/ICSA-18-347-01


Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays

https://ics-cert.us-cert.gov/advisories/ICSA-18-347-02


Geutebrück GmbH E2 Series IP Cameras

https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03


GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e

https://ics-cert.us-cert.gov/advisories/ICSA-18-347-04


Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR

https://jvn.jp/en/jp/JVN87535892/


2018-12-14: Vulnerability in GATE E2 - Cross-site scripting (CVE-2018-18997)

https://search-ext.abb.com/library/Download.aspx?DocumentID=2CMT2018-005753&LanguageCode=en&DocumentPartId=&Action=Launch


2018-12-14: Vulnerability in GATE E2 - No Access Control (CVE-2018-18995)

https://search-ext.abb.com/library/Download.aspx?DocumentID=2CMT2018-005751&LanguageCode=en&DocumentPartId=&Action=Launch


IBM Security Bulletin: Vulnerabilities in Struts v2 affect IBM Security Guardium (CVE-2016-1181, CVE-2016-1182)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-struts-v2-affect-ibm-security-guardium-cve-2016-1181-cve-2016-1182/


IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by vulnerabilities in IBM Java Runtime

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-corporate-payment-services-for-multi-platform-v2-1-1-is-affected-by-vulnerabilities-in-ibm-java-runtime/


IBM Security Bulletin: IBM Security Guardium is affected by a Cross-Site scripting vulnerabilities vulnerability

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-cross-site-scripting-vulnerabilities-vulnerability/


IBM Security Bulletin: IBM Security Guardium is affected by a Cross-Site scripting vulnerability in user login vulnerability

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-cross-site-scripting-vulnerability-in-user-login-vulnerability/


IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services v2.1.1 is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-1871)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-corporate-payment-services-v2-1-1-is-affected-by-a-potential-cross-site-scripting-xss-vulnerability-cve-2018-1871/


IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-12/


IBM Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre Variant vulnerability

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-foreshadow-spectre-variant-vulnerability/


IBM Security Bulletin: Multiple vulnerabilities in IBM Runtime Environment Java affect Rational Build Forge (CVE-2018-1656; CVE-2018-2973; CVE-2018-12539)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-runtime-environment-java-affect-rational-build-forge-cve-2018-1656-cve-2018-2973-cve-2018-12539/


IBM Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment and Tivoli Provisioning Manager for Images (CVE-2018-0732)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-openssl-affect-tivoli-provisioning-manager-for-os-deployment-and-tivoli-provisioning-manager-for-images-cve-2018-0732/


IBM Security Bulletin: IBM Security Guardium is affected by a public disclosed vulnerability from Apache ZooKeeper

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-public-disclosed-vulnerability-from-apache-zookeeper/


IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Emptoris Strategic Supply Management Suite of Products and IBM Emptoris Services Procurement

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-emptoris-strategic-supply-management-suite-of-products-and-ibm-emptoris-services-procurement-3/